The Director of Information Security leads the development and implementation of a security program that leverages collaborations and campus-wide resources, facilitates information security governance, advises senior leadership on security direction, prioritizes resource investments, and designs appropriate policies to manage information security risk.
This position protects and secures the University's information and oversees the maturation, accountability, and evaluation of its security. Oversight of the UNCW cybersecurity program, including monitoring, incident response, digital forensics, security operations, cyber-defense, vulnerability management, endpoint, server security, email security, information security awareness training, and building an enterprise-level Security Operations Center. Participates on UNC System Information Security Council.
The position reports directly to the Chief Information Officer and is a critical Information Technology Leadership team member.
Minimum Education and Experience Requirements:
Minimum requirements include a related Master's degree and advanced IT management experience; OR a Bachelor's degree in Computer Science, Computer Engineering, or an Information Security degree or closely related field from an appropriately accredited institution; OR a Bachelor's degree from an appropriately accredited institution and one year of experience in IT Security or closely related area; OR an Associate's degree in Information Systems Security from an appropriately accredited institution and two years of experience in IT Security or closely related area; OR an equivalent combination of education and experience, including leadership responsibilities in a technology environment.
Possess the ability to work with senior university leaders to establish the best balance between information security strategies and other priorities at an institution-wide level.
Possess excellent leadership skills and sound judgment.
Possess maturity, reliability, composure, stability under pressure, and the ability to offer and receive constructive criticism objectively.
The ability to work in a team/collaborative environment with a broad range of constituencies is essential.
Proven ability to exercise independent thinking and judgment. Demonstrated effective written and verbal communication skills.
Proven ability to write policies and procedures relating to information technology and develop and administer an information security program.
Ability to present information to large and small groups.
Excellent problem-solving skills with proven organizational skills.
Ability to provide technical leadership on complex projects.
Excellent understanding and knowledge of the field of information technology security.
Proficiency in incident response.
Knowledge of the IT security industry trends and federal and state regulations that have an impact on the University's technological business.
Senior-level Information Security experience within multiple core operational security domains such as Malware defense, forensics, email security, content filtering, vulnerability management, incident response, privileged access management, or edge protection
Knowledge of systems risk and risk assessment concepts.
Working knowledge of networking concepts, protocols, and technologies, including IDS/IPS, firewalls, and DNS. Experience with Secure SDLC and secure development tools.
Experience with Active Directory, email servers/systems, and cloud integration.
Experience with and knowledge of regulatory requirements and compliance issues as applied to technology (e.g., PCI, HIPAA, FISMA, FERPA, etc.).
Possess the ability to work with Internal Audit, System Auditors, outside consultants, and/or Office of the State Auditor in a lead capacity.
Professional certification (e.g., CISSP, CISM) is highly desirable.
Experience with multiple security frameworks such as ISO 27002, NIST 800-53, and CIS.
Possess experience in developing and administering an information security program in a complex higher education environment.
Required Certifications or Licensure:
Primary Purpose of Organizational Unit:
The Department of Information Security is responsible for the development of the security strategy for the organization, the implementation, and management of comprehensive policies and procedure guidelines for information technology security for the entire campus.
This recruitment is working in tandem with Insight Global.
At the University of North Carolina at Wilmington (UNCW), our culture reflects our values of inclusion, diversity, globalization, ethics and integrity and innovation and we are committed to providing equality of educational and employment opportunity for all persons without regard to race, sex (such as gender, gender identity, marital status, childbirth, and pregnancy), age, color, national origin (including ethnicity), religion, disability, sexual orientation, political affiliation, veteran status, military service member status, genetic information, or relationship to other university constituents – except where sex, age, or ability represent bona fide educational or occupational qualifications or where marital status is a statutorily established eligibility criterion for State funded employee benefit programs. UNCW believes that embracing the unique contributions of our faculty, staff and students is critical to our success and paramount in being recognized for our global mindset.
About The University of North Carolina at Wilmington
The University of North Carolina Wilmington, the state’s coastal university, is dedicated to the integration of teaching, mentoring, research and service. Widely acknowledged for its world-class faculty and staff and continuously recognized at a national level for scholarly excellence and affordability, UNCW offers a powerful academic experience that stimulates creative inquiry and critical thinking and a community rich in diversity, inclusion and global perspectives.A public institution with nearly 18,000 students, UNCW offers a full range of baccalaureate- and graduate-level programs, as well as doctoral degrees in educational leadership, marine biology, nursing practice and psychology; and many distance learning options, including clinical research, an accelerated RN-to-BSN program, an Executive M.B.A. program structured for working professionals, and the nation’s only bachelor’s degree program focused on coastal engineering.The university’s efforts to advance research and scholarly activities have earned UNCW the elevated designation of “Doctoral Universities: High Research Activity” institution (R2 University) by the Carnegie Classification of Institutions of Higher Education.UNCW has been part of the University of North Carolina System since 1969.